AMENDMENT UNDER 37 C.F.R. §1.111 
U.S. Application No.: 10/511,898 



Attorney Docket No.: Q83 178 



REMARKS 

This Amendment, submitted in response to the Office Action dated September 3, 2009, is 
believed to be fully responsive to each point of rejection raised therein. Accordingly, favorable 
reconsideration on the merits is respectfully requested. 

Claims 1-19 are all the claims pending in the application. 

I. Rejection of claims 15-18 under 35 U.S.C. § 112 

Claims 15-18 are rejected under 35 U.S.C. 1 12, first paragraph, as allegedly failing to 
comply with the written description requirement. 

Claim 15 further recites, inter alia, "wherein the place-holder is relevant to the rule." 
The Examiner asserts that this aspect of the claim is not disclosed in the Applicant's disclosure. 
As previously submitted, the place-holder "$1" described in the Specification at p. 15, line 34 - 
p. 16, line 2, clearly represents the source or destination in the embodied rule prototypes, and the 
place-holder has definite relevance, as it corresponds to the ISP address of the e-mail server on 
the LAN. Therefore, the place-holder, such as place-holder "$1, is relevant to the at least 
parameterized rule specified according to a string of characters containing a place-holder for 
each parameter of said parameterized rule that is not statically defined, as claimed. 

In view of the forgoing, Applicant submits that the 35 U.S.C. § 1 12, first paragraph 
rejection should now be withdrawn. 

Applicant submits that if further clarification is required, in the interest of expediting to 
prosecution, to contact the Applicant's undersigned representative. 
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II. Rejection of claims 15-18 under 35 U.S.C. § 102 

Claims 15-18 are rejected under 35 U.S.C. 102(b) as being anticipated by Coss et al. (Coss 
hereinafter) (US Patent No. 6,170,012 Bl). 
Claim 15 

Claim 15 recites, inter alia,: 

"a management module coupled to said network data 
processing module, said management module comprising a 
first memory containing a first table, said first table 
containing primary identifiers associated with at least one 
parameterized rule for providing direction to said network 
data processing module when one or more of said primary 
identifiers and said at least one parameterized rule are 
associated with at least one parameter value 

The Examiner asserts that Fig. 3 and column 3, line 4 and lines 66-67 teaches the claimed 
first memory containing a first table. However, there does not appear to be any teaching or 
suggestion of a management module coupled to the network data processing module (firewall as 
asserted by the Examiner) comprising the first memory containing a first table. Coss discloses 
that the security policies can be represented by sets of access rules which are represented in 
tabular form and which are loaded into the firewall by a firewall administrator. 

Therefore, Coss does not appear to teach or suggest the claimed management module 
coupled to the network data processing module. 

Claim 15 recites, inter alia, "wherein said at least one primary metarule is specified 
according to a string of characters containing a place-holder for each parameter of said primary 
metarule that is not statically defined, wherein the place-holder is relevant to the rule ." 
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Coss only teaches the use of a "wild card" place-holder that represents "when a category 
provided for in the rule table is irrelevant in a certain rule." Coss, col. 4, lines 15-21. In 
contrast, the place-holder "$1" described in the Specification at p. 15, line 34 - p. 16, line 2, 
clearly represents the source or destination in the embodied rule prototypes, and the place-holder 
has definite relevance, as it corresponds to the ISP address of the e-mail server on the LAN. 

The Applicant thus submits that Coss fails to teach each and every element of claim 15, 
therefore, claim 15 and dependent claim 16 should be deemed allowable. 

To the extent independent claims 17 and 18 recite similar subject matter, claims 17 and 
18 should be deemed allowable for at least the same reasons. 

Claim 16 

Claim 16 recites "said management module further comprising a second memory 
containing a second table, said second table containing secondary identifiers associated with at 
least one of said primary identifiers and one or more respective parameter values." 

The Examiner asserts that Figs. 3 and 4 and column 5, lines 51-57 teaches the elements of 
claim 16. The aspects of Coss cited by the Examiner describe a rule table (Fig. 3) and a cache 
(Fig. 4). Further, Coss discloses that as the number of cache entries can grow to many times the 
number of rules, efficient use of a cache may require indexing. 

However, contrary to the Examiner's assertions, there is no teaching or suggestion of the 
claimed management module, or that the management module comprises a second memory 
containing a second table as claimed. 

Therefore, claim 16 and should further be deemed allowable. 
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III. Rejection of claims 1-14 under 35 U.S.C. § 103 

Claims 1- 14 are rejected under 35 U.S.C. 103(a) as being unpatentable over Coss et al. 
(Coss hereinafter) (US Patent No. 6,170,012 Bl) in view of Bellinger et al. (Bellinger 
hereinafter) (US 2002/0169858). 

To the extent independent claims 1 and 9 recite subject matter similar to independent 
claims 15, 17 and 18 as discussed above, Applicant submits that independent claims 1 and 9 and 
their dependent claims should be deemed allowable for at least the same reasons. Moreover, 
Bellinger does not cure the deficiencies of Coss. 

Claim 1 recites "a first table storing sets of at least one primary rule , called "primary 
metarules," in a parameterizable form and in corresponding relationship to primary identifiers ." 

The Examiner asserts that column 4, lines 1-6 teaches this aspect of the claim. Coss 
discloses that security policy rules can be represented by sets of access rules which are 
represented in tabular form and are loaded into a firewall. The table can provide for categories 
including rule numbers, designations of source and destination hosts, a designation of a special 
service and a specification of an action to be taken on a packet. 

However, Coss does not teach or suggest that the table stores sets of at least one primary 
rule , called "primary metarules," in a parameterizable form and in corresponding relationship to 
primary identifiers , as claimed. 

Claim 1 further recites: 

" management means which is coupled to control means of 
said data processing server and, on receipt of auxiliary 
data representing operating parameters that request 
reconfiguration of the control means , the auxiliary data 
delivered by said control means after reception by the data 
processing server of secondary data that requires 
reconfiguration of the control means, selects at least one 
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of the primary identifiers in the first table and 
associates said auxiliary data therewith so as to define 
dedicated processes of said control means" 



The Examiner asserts that column 4, lines 3-6 and column 5, lines 35-46 teach this aspect 
of the claim. Coss discloses a table can provide for categories including rule numbers, 
designations of source and destination hosts, a designation of a special service and a 
specification of an action to be taken on a packet. Further, Coss discloses that stateful packet 
filtering may be implemented by caching rule processing results. However, Coss does not teach 
at least the interrelationship between the management means, controls means, data processing 
server, auxiliary data and secondary data, as claimed. 

The Examiner states that Coss does not disclose "on receipt of auxiliary data representing 
operating parameters that request reconfiguration of the control means ," and cites Bellinger, 
paragraph [0077], to cure the deficiency. 

However, Bellinger does not cure the deficiencies of Coss disclosed above. Further, 

Bellinger discloses: 

Each service request, for both registration and 
activation, is sent via XML from the Service Provider's 
portal server to the central controller. The controller 
interprets the request by passing the service parameters 
through the pre-defined rules associated with the Service 
Offering and stored in the LDAP directory. These rules 
could be as simple as sending a configuration request to a 
Firewall to allow or deny access to specific ports, or it 
could be more complex as in the case of an Application 
Service where the central authority may have to pass access 
information to the application server, set up a VPN between 
the user and application server, punch through a firewall 
and modify the available bandwidth and QoS to the user. 



However, contrary to the Examiner's assertions, there is no teaching or suggestion that 
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on receipt of auxiliary data representing operating parameters that request reconfiguration of 
the control means , as claimed. 

For at least the above reasons, claim 1 and its dependent claims should be deemed 
allowable. 

To the extent independent claim 9 recite similar subject matter, independent claim 9 and 
its dependent claims should be deemed allowable for at least the same reasons. 

IV. New Claims 

Applicant has added claim 19 to further describe the primary metarule which is not 
disclosed in the cited art. Therefore, claim 19 should be deemed allowable. 

V. Conclusion 

In view of the above, reconsideration and allowance of this application are now believed 
to be in order, and such actions are hereby solicited. If any points remain in issue which the 
Examiner feels may be best resolved through a personal or telephone interview, the Examiner is 
kindly requested to contact the undersigned at the telephone number listed below. 
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The USPTO is directed and authorized to charge all required fees, except for the Issue 
Fee and the Publication Fee, to Deposit Account No. 19-4880. Please also credit any 
overpayments to said Deposit Account. 

Respectfully submitted, 
/Ruthleen E. Uy/ 



SUGHRUE MION, PLLC Ruthleen E. Uy 

Telephone: (202)293-7060 Registration No. 51,361 

Facsimile: (202) 293-7860 

— — E 

CUSTOMER NUMBER 

Date: November 16, 2009 
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